Hacking the Election: Lessons from the DEF CON Voting Village

On October 10th, the Atlantic Council’s Cyber Statecraft Initiative and DEF CON hosted a public event on the vulnerabilities in US voting infrastructure and recommendations for a path forward in securing our democracy. Panelists included Ambassador Douglas Lute, former US permanent representative to NATO; Jeff Moss, founder of DEF CON and senior fellow for the Cyber Statecraft Initiative; John Gilligan, chairman of the board for the Center for Internet Security; Sherri Ramsay, former director of the NSA/CSS Threat Operations Center; and Harri Hursti, founding partner of Nordic Innovation Labs and organizer of the DEF CON Voting Village. The panel was moderated by Jake Braun, a lecturer at the University of Chicago and opening remarks were given by Fred Kempe.

A secure election forms the bedrock of American democracy. Yet, as evidenced in the 2016 presidential election, US voting systems – including our voting equipment, databases, and election office practices – are vulnerable to cyberattacks. We now know that during the election season, Russian actors targeted voter databases in at least twenty-one states across the country and sought to infiltrate the networks of voting equipment vendors, local election boards, political parties, and candidates. To shed light on these vulnerabilities, DEF CON – the world’s largest, longest-running hacker conference – featured a “Voting Machine Hacking Village” to highlight vulnerabilities in US election infrastructure at its annual conference in Las Vegas in July. Hackers participating in the demonstration successfully breached over twenty-five pieces of election equipment, much of which is still in use today, within minutes.

Leading national security experts and cybersecurity professionals used this event as a platform to discuss the DEF CON Voting Machine Hacking Village’s findings, which were published in a groundbreaking report. This event was a crucial first step to ensuring a future with secure democratic elections.

The webcast to this event can be viewed here.

Image: (L-R): Jake Braun, Jeff Moss, Sherri Ramsay, Harri Hursti, John Gilligan discc the vulnerabilities in American voting infrastructure.